- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
CVE-2020-0669: LDAP Relay to SYSTEM in LSASS — No Server Attack Required
Attackers don't need to breach your LDAP server. They can stand up a fake one and wait for Windows machines to call home. One crafted LDAP response chains into SYSTEM-level code execution inside LSASS.EXE — no exploit binary, no malware, just protocol abuse.
We break down the relay, the Windows auto-enrollment trigger, detection blind spots, and what defenders can actually do about it.
⏱️ Timestamps
0:00 – Intro: Why this flips the script
1:30 – How LDAP relay works (plain English)
4:15 – The Windows auto-enrollment trigger
7:00 – Crafted response → LSASS execution
10:30 – Detection blind spots
12:45 – Mitigation and takeaways
🔗 Links
Spotify: https://open.spotify.com/episode/60ZrsnHVjH4Y1d3GOfstdb?si=PxD1P6t2QRCVR7n-TWHrkw
Microsoft advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0669
#CVE20200669 #ldap #windowssecurity #LSASS #redteam #activedirectory #infosec #cybersecurity
Видео CVE-2020-0669: LDAP Relay to SYSTEM in LSASS — No Server Attack Required канала ZeroDay Brief
We break down the relay, the Windows auto-enrollment trigger, detection blind spots, and what defenders can actually do about it.
⏱️ Timestamps
0:00 – Intro: Why this flips the script
1:30 – How LDAP relay works (plain English)
4:15 – The Windows auto-enrollment trigger
7:00 – Crafted response → LSASS execution
10:30 – Detection blind spots
12:45 – Mitigation and takeaways
🔗 Links
Spotify: https://open.spotify.com/episode/60ZrsnHVjH4Y1d3GOfstdb?si=PxD1P6t2QRCVR7n-TWHrkw
Microsoft advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-0669
#CVE20200669 #ldap #windowssecurity #LSASS #redteam #activedirectory #infosec #cybersecurity
Видео CVE-2020-0669: LDAP Relay to SYSTEM in LSASS — No Server Attack Required канала ZeroDay Brief
Комментарии отсутствуют
Информация о видео
15 мая 2026 г. 18:56:11
00:24:16
Другие видео канала
One DNS packet. Full SYSTEM. No malware. 🔓
CVE-2026-48172 + CVE-2026-41940: cPanel's Month from Hell — Root via Redis Toggle
MiniPlasma: Windows Mini-Filter Driver 0-Day — SYSTEM on Fully Patched Systems
If you run Cisco SD-WAN... still unpatched? ⏰
CVE-2026-45585: Windows BitLocker — YellowKey Recovery Bypass Breakdown
CVE-2026-20182: Cisco SD-WAN CVSS 10.0 RCE Exploit Breakdown
Trick the Scanner, Own the Machine ⚡
CVE-2026-9082: Drupal Core SQL Injection — Five Years of Silence, Then 15,000 Attacks
CVE-2026-41091: Microsoft Defender Zero-Days — Link Following to SYSTEM
Three bugs. One target. Linux's page cache. 🔥
TPM-Only Was Security Theater 💀
Your antivirus runs in this stack too 🫥
SYSTEM via cldflt.sys. The AV never saw it. 💀
Six Ways Trust Architecture Fails 🛡️
Your neighbor's Joomla install just owned your database 💀
5 years of silence. Then 15,000 attacks. 🔥
They signed packages as someone else 🔓
One packet. No auth. Full control. 💀
Trust nothing. Verify everything 🫥
IPsec decrypted straight into the page cache 💀
